CLAIMS 



What is claimed is: 

1 A method for evidencing payment of indicia using secret key cryptography in a system 
including a plurality of indicia generating devices that are divided into groups, each of the 
indicia generating devices for generating and printing indicia on a media that is to be 
received at a plurality of establishments, wherein the establishments are associated with 
different geographic designations, the method comprising the steps of: 

(a) assigning a plurality of verification keys to each indicia generating device in 
each of the groups, wherein each of the verification keys assigned to each of 
the groups is encrypted as a function of a respective geographic designation; 

(b) associating a key ID with each of the verification keys and encrypting each 
key ID as a function of the same geographic designation used to encrypt the 
corresponding verification key; 

(c) distributing to each one of the establishments, the verification keys and the 
key ID's that were encrypted as a function of the geographic designation 
associated with the establishment; 

(d) using one of the indicia generating devices to generate indicia for media 
destined for a particular one of the establishments, and evidencing the indicia 

by 

(i) generating one of the verification keys and the corresponding key ID 
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19 assigned to indicia generating device's group based on the 

20 geographic designation associated with the particular establishment, 

21 and 

22 (ii) using the generated verification key to create a digital signature, and 

23 digitally signing the indicia by including the digital signature and the 

24 generated key ID in the indicia; and 

25 (e) upon receiving the media at the particular establishment, verifying the indicia 
£236 on the media using the key ID on the indicia and the distributed verifications 
||7 keys to compute a digital signature, and comparing the computed digital 

signature with the digital signature on the indicia. 

is 

pi 2 The method of claim 1 further including the steps of: 
W2 assigning a secret key to each of the groups, and 

M3 encrypting the verification keys assigned to each group as a function of the secret key 

4 and the different geographic designations. 
1 

1 3 The method of claim 2 further including the steps of: 

2 generating a master key; and 

3 encrypting the key ID as a function of the master key, the geographic designation, 

4 and a designation of the group. 
1 

1 4 The method of claim 3 further including the step of generating and printing indicia for 

2 postage on a mail piece that is to be received at a plurality of distribution centers. 
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5 The method of claim 4 further including the step of verifying the indicia at a destination 
distribution center. 

6 The method of claim 4 further including the step of verifying the indicia at an originating 
distribution center. 

7 The method of claim 3 further including the step of using zip codes to represent the 
geographic designations. 

8 The method of claim 1 further including the step of generating and printing indicia for 
tickets. 

9 A method for evidencing payment of postage using secret key cryptography in a system 
including a plurality of postage generating devices that are divided into groups, each of the 
postage generating devices for generating postage indicia for mail destined for 
predetermined postal destinations, the method comprising the steps of: 

(a) assigning a plurality of verification keys to each indicia generating device in 
each of the groups, wherein each of the verification keys assigned to each of 
the groups is encrypted as a function of a respective ; 

(b) associating a key ID with each of the verification keys and encrypting each 
key ID as a function of the same destination used to encrypt the 
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1 0 corresponding verification key; 

1 1 (c) requiring that verifiers of the postage indicia perform postal verification at the 

12 plurality of destinations, where each verifier services a respective destination; 

13 (d) distributing to each respective destination verifier, the verification keys and 

14 the key ID ! s that were encrypted as a function of the corresponding 

15 destination; and 

16 (e) requiring each of the postage generating devices to evidence the postage 
Mg7 indicia for a mail piece destined for a particular destination by 

3:8 (i) generating one of the verification keys and the corresponding key ID 

39 assigned to its group based on that particular destination, and 

= : 

w 

[io (ii) using the generated verification key to create a digital signature, and 

□1 digitally signing the indicia by including the digital signature and the 

4|2 generated key ED on the indicia, such that when the mail is received at 

^3 the predetermined destination, the verifier uses the key ID on the 

24 indicia and the distributed verifications keys to compute a digital 

25 signature, and compares the computed digital signature with the 

26 digital signature on the postage indicia to verify the postage indicia. 
1 

1 10 The method of claim 9 further including the steps of: 

2 assigning a secret key to each of the groups, and 

3 encrypting the verification keys assigned to each group as a function of the secret key 

4 and the plurality of destinations. 
1 
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1 1 The method of claim 10 further including the steps of: 

generating a master key; and 

encrypting the key ID as a function of the master key, the destination, and a 
designation of the group. 

12 The method of claim 11 further including the step of performing postage verification 

<* 

onsite at a destination distribution center. 

13 The method of claim 12 further including the step of performing postage verification by 
a third party that is in remote communication with the destination distribution center. 

14 The method as in claim 13 wherein the verifier further performs the steps of using the 
key ID to retrieve the corresponding verification key used to originally create the digital 
signature. 

15 A system for evidencing payment of postage using secret key cryptography, comprising: 

a plurality of postage generating devices that are divided into groups, each of the 
postage generating devices for generating postage indicia for mail destined 
for predetermined postal destinations; 

a plurality of distribution centers for verifying the postage indicia, where each 
distribution center services at least one of the postage destinations; and 

a key distribution center in communication with the plurality of postage generating 
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8 devices and with the plurality of distribution centers, the key distribution 

9 center for performing the functions of: 

10 assigning a plurality of verification keys to each indicia generating 

1 1 device in each of the groups, wherein each of the verification 

12 keys assigned to each of the groups is encrypted as a function 

13 of a respective destination, and for associating a key ID with 

14 each of the verification keys and encrypting each key ID as a 
r|5 function of the same destination used to encrypt the 
ffl6 corresponding verification key, and 

5=t7 distributing to each of the plurality of distribution centers, the 

rK8 verification keys and the key ID's encrypted as a function of 

g|9 the destination the distribution center services, 

\20 wherein in response to a request to generate indicia for a mail piece destined for a 

Ol particular destination, each of the postage generating devices generates one of 

Q 

22 the verification keys and the corresponding key ID assigned to its group 

23 based on that particular destination, and uses the generated verification key to 

24 create a digital signature for the indicia, such that when the mail is received at 

25 the distribution center servicing the predetermined destination, the key ID 

26 from the indicia and the verification keys distributed to the distribution center 

27 are used to verify the digital signature on the postage indicia. 
1 

1 16 The system of claim 15 wherein the key distribution center further generates a master 

2 key, and a secret key for each of the postage generating devices groups, and distributes the 
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master key and the secret key to the respective postage generating devices within each of the 
groups. 

17 The system of claim 16 wherein the verification keys assigned to each group are 
encrypted as a function of the secret key and the plurality of destinations. 

18 The system of claim 17 further wherein the key ID is encrypted as a function of the 
master key, the destination, and a designation of the group. 

19 The system of claim 18 wherein verification of the postage is performed onsite at the 
destination distribution centers. 

20 The system of claim 19 wherein verification of the postage is performed by a third party 
that is in remote communication with the destination distribution centers. 

21 The system as in claim 20 wherein the indicia is verified by using the key ID from the 
indicia to retrieve the corresponding verification key used to originally create the digital 
signature, wherein the retrieved verification key is used to compute the digital signature for 
the indicia and the computed digital signature is compared with the digital signature from 
the indicia. 

22 A computer-readable media containing program instructions for evidencing payment of 
postage using secret key cryptography in a system including a plurality of postage 
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3 generating devices that are divided into groups, each of the postage generating devices for 

4 generating postage indicia for mail destined for predetermined postal destinations from 

5 among a plur&lity of destinations, the program instructions for: 

6 (a) assigning a plurality of verification keys to each indicia generating device in 

7 each of the groups, wherein each of the verification keys assigned to each of 

8 the groups is encrypted as a function of a respective destination; 

9 (b) associating a key ID with each of the verification keys and encrypting each 
= J$ key ID as a function of the same destination used to encrypt the 
fjl corresponding verification key; 

CB2 (c) requiring that verifiers of the postage indicia perform postal verification at the 

"? 

U3 plurality of destinations, where each verifier services a respective destination; 

Ln 

!14 (d) distributing to each respective destination verifier, the verification keys and 

fl'5 the key ID's that were encrypted as a function of the corresponding 

~~ 

ffe destination; and 

17 (e) requiring each of the postage generating devices to evidence the postage 

1 8 indicia for a mail piece destined for a particular destination by 

19 (i) generating one of the verification keys and the corresponding key ID 

20 assigned to its group based on that particular destination, and 

21 (ii) using the generated verification key to create a digital signature, and 

22 digitally signing the indicia by including the digital signature and the 

23 generated key ID on the indicia, such that when the mail is received at 

24 the predetermined destination, the verifier uses the key ID on the 

25 indicia and the distributed verifications keys to compute a digital 
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26 signature, and compares the computed digital signature with the 

27 digital signature on the postage indicia to verify the postage indicia. 
1 

1 23 The computer-readable media of claim 22 further including the instructions of: 

2 assigning a secret key to each of the groups, and 

3 encrypting the verification keys assigned to each group as a function of the secret key 

4 and the plurality of destinations. 

pi 

CP 1 24 The computer-readable media of claim 23 further including the instructions of: 
3?2 generating a master key; and 

J^3 encrypting the key ID as a function of the master key, the destination, and a 

q4 designation of the group. 

yl 

Ol - 25 The computer-readable media of claim 24 further including the instruction of performing 

O 

2 postage verification onsite at a destination distribution center. 

. 1 

1 26 The computer-readable media of claim 25 further including the instruction of performing 

2 postage verification by a third party that is in remote communication with the destination 

3 distribution center. 
1 

1 27 The computer-readable media as in claim 26 further including the instructions of using 

2 the key ID to retrieve the corresponding verification key used to originally create the digital 

3 signature. 
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28 A method for generating and distributing cryptographic keys for postage evidencing and 
verification in a system where mail is destined for predetermined postal destinations , 
wherein each of the postal destinations is serviced by a postal distribution center, the method 
comprising the steps of: 

(a) creating a master secret key K; 

(b) dividing a plurality of postage generating devices (PGDs) that generate 
postage indicia for mail into n groups Gj 9 i = 1,. . .n; 

(c) assigning each PDG group, G z *, a secret key K^; 

(d) generating a set of n verification keys, Vf*** >i = for each PGD group 
G/, where each of the verification keys is calculated as a function of a 
respective postal destination (Dest); 

(e) generating a set of key ID's, iP^J = , where each key ID corresponds 
to one of the verification keys and is also generated as a function the same 
postal destination used to calculate the corresponding verification key; 

(f) transferring to each distribution center, the verification keys vP est and key 
ID's iP&t that were calculated as a function of the destination serviced by 
the distribution center; and 

(g) transferring the master secret key K and the secret key K( to all PGD's in 
group Gi, such that each PGD, when evidencing indicia for the mail destined 
for one of the predetermined postal destination, generates one of the 
verification keys based on the predetermined postal destination to create a 
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22 digital signature for the indicia. 
1 

1 29 The method of claim 28 further including the step of computing each verification key 

2 ypest ^ a one-way function H of the PGD group keyA^. and a designation of the postal 

3 destination: 

4 ^. =H(K i9 Dest). 
1 

Jrt 30 The method of claim 29 further including the step of using ZIP codes to designate the 

C2 plurality of postal destinations. 

si 

31 The method of claim 30 further including the step of computing each of the key ID's as a 

y> one-way function H of the PGD group, G;, the master secret key, K, and a designation of the 

y \ 

= : 

= 55 

q? postal destination, Dest: 

Qt If est =H(K 9 Dest,G i ). 
1 

1 32 A method for verifying postage indicia a mail piece received at a postal distribution 

2 center that services a particular postal region, comprising the steps of: 

3 (a) receiving and storing a set of verification keys vP est and a set of key ID's 

4 ipest identifying the verification keys, wherein the verification keys and the 

5 key ID's were generated as a function of the postal region; 

6 (b) in response to receiving the mail piece, determining the mail piece's postal 

7 region; 
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8 (c) if the distribution center is not within the mail piece's destination region, 

9 transferring the mail piece to the distribution center within the mail piece's 

10 postal region; and 

1 1 (d) if the distribution center is within the mail piece's postal region, verifying the 

1 2 postage indicia by 

1 3 (i) reading a digital signature and a key ID from the indicia, 

14 (ii) using the key ID read from the indicia to retrieve the corresponding 

verification key from the stored set of verification keys, 
ff6 (iii) using the retrieved verification key to compute a digital signature for 

the indicia, and 

(iv) comparing the computed digital signature with the digital signature 
j|p read from the postage indicia to verify the indicia. 

y 

Ql 33 The method of claim 32 further including the step of determining the mail piece's postal 

2 region based on a zip code. 
1 

1 34 The method of claim 33 further including the step of determining the mail piece's postal 

2 region based on a destination zip code. 
1 

1 35 The method of claim 33 further including the step of determining the mail piece's postal 

2 region based on a return address zip code. 
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